CVE-2026-7454 WRL File Parsing Memory Corruption in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2026-7450 PAR File Parsing NULL Pointer Dereference in Autodesk 3ds Max

A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...

CVE-2026-0536

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2026-0659 USD File Parsing Out-of-Bounds Write Vulnerability

A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2024-11576

Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2023-34290

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

CVE-2023-34290

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

Autodesk 多款产品资源管理错误漏洞

Autodesk Navisworks and others are products of Autodesk, Inc.Autodesk Navisworks is Autodesk 3ds Max is a full-featured 3D computer graphics software.Autodesk SKP is a product component. A security vulnerability exists in a number of Autodesk products, which stems from a vulnerability that allows...

Autodesk 3ds Max 缓冲区错误漏洞

Autodesk 3ds Max is a full-featured, three-dimensional computer graphics software from the American company Autodesk. A security vulnerability exists in Autodesk 3ds Max USD plugin version 0.4, which originates from the possibility that an attacker could trick a user into opening a malicious USD...

CVE-2022-35903

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...

PT-2022-18947 · Bentley · Bentley View

Name of the Vulnerable Software and Affected Versions: Bentley View version 10.16.02.022 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

CVE-2022-25789

A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution...

CVE-2021-46623

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2021-46595

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-46595

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-34901

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2021-34894

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Bentley Systems Bentley View 缓冲区错误漏洞

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View 3DS file parsing, which can be exploited by attackers to execute code in the context of the current process...

DEBIAN-CVE-2010-0280

Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c...

UBUNTU-CVE-2010-0280

Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c...